Nemcio/Redmine
1
0
Fork 0
mirror of https://github.com/redmine/redmine.git synced 2025-11-02 03:15:57 +01:00
Code Issues Packages Projects Releases Activity

Added support for HTTP Basic access to the API. (#3920)

Browse Source 
A user can authenticate using either their:

* username/password
* api-key/random

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3219 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Eric Davis
2009-12-23 06:27:38 +00:00
parent baa1ad4256
commit e07e9d8bfe
4 changed files with 183 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
app/controllers/application_controller.rb
View File

@@ -70,11 +70,19 @@ class ApplicationController < ActionController::Base
elsif params[:format] == 'atom' && params[:key] && accept_key_auth_actions.include?(params[:action])
# RSS key authentication does not start a session
User.find_by_rss_key(params[:key])
elsif ['xml', 'json'].include?(params[:format]) && params[:key] && accept_key_auth_actions.include?(params[:action])
User.find_by_api_key(params[:key])
elsif ['xml', 'json'].include?(params[:format]) && accept_key_auth_actions.include?(params[:action])
if params[:key].present?
# Use API key
User.find_by_api_key(params[:key])
else
# HTTP Basic, either username/password or API key/random
authenticate_with_http_basic do |username, password|
User.try_to_login(username, password) || User.find_by_api_key(username)
end
end
end
end
# Sets the logged in user
def logged_user=(user)
reset_session
@@ -118,6 +126,7 @@ class ApplicationController < ActionController::Base
end
respond_to do |format|
format.html { redirect_to :controller => "account", :action => "login", :back_url => url }
format.atom { redirect_to :controller => "account", :action => "login", :back_url => url }
format.xml { head :unauthorized }
format.json { head :unauthorized }
end